Do booking tools sign a BAA?

5 of the tracked tools publicly offer a signed Business Associate Agreement: Acuity Scheduling, Setmore, vcita, GReminders, Vagaro. A BAA is required to handle protected health information at booking under HIPAA, so for clinics and dental offices it is the figure that matters most. Some, like Acuity, gate the BAA to a specific paid tier.

Is HIPAA the same as having a BAA?

No. A vendor can market HIPAA-compliant scheduling without signing a BAA. Only a signed BAA legally permits processing protected health information on your behalf, so confirm the BAA, not just the claim — and check which tier it requires.

Why does HIPAA matter for appointment booking?

Even the reason-for-visit field, an intake form or an SMS reminder that names a service can expose protected health information. Without a BAA, routing that through a booking tool can breach HIPAA, so verify compliance before collecting patient data.

Answers · updated Jun 12, 2026

Which online booking tools are HIPAA compliant?

Of 17 tracked booking & scheduling tools, 7 publicly state HIPAA support and 5 also offer a signed BAA (Acuity Scheduling, Setmore, vcita, GReminders, Vagaro). For a medical, dental or therapy front desk collecting patient details at booking, the signed BAA is the document that matters — the rest say nothing about HIPAA publicly, which we record as "not published," not as "no." Some gate the BAA behind a higher tier (e.g. Acuity Premium).

As of Jun 12, 2026 · figures linked to their source in the table below

The data behind this answer

Every figure links to the vendor page it was captured from, with the date we last verified it. Sorted by the value column.
Vendor	Compliance posture	Detail
Acuity Scheduling	HIPAA + signed BAA acuityscheduling.com verified Jun 12, 2026	BAA available
Fresha	HIPAA stated	BAA not published
GlossGenius	HIPAA stated glossgenius.com verified Jun 12, 2026	BAA not published
GReminders	HIPAA + signed BAA greminders.com verified Jun 12, 2026	BAA available
Setmore	HIPAA + signed BAA setmore.com verified Jun 12, 2026	BAA available
Vagaro	HIPAA + signed BAA	BAA available
vcita	HIPAA + signed BAA vcita.com verified Jun 12, 2026	BAA available

Figures normalized and sourced as of Jun 12, 2026. See the methodology for how each number is captured, dated and normalized, or the full comparison matrix for every vendor.

Frequently asked

Do booking tools sign a BAA?: 5 of the tracked tools publicly offer a signed Business Associate Agreement: Acuity Scheduling, Setmore, vcita, GReminders, Vagaro. A BAA is required to handle protected health information at booking under HIPAA, so for clinics and dental offices it is the figure that matters most. Some, like Acuity, gate the BAA to a specific paid tier.
Is HIPAA the same as having a BAA?: No. A vendor can market HIPAA-compliant scheduling without signing a BAA. Only a signed BAA legally permits processing protected health information on your behalf, so confirm the BAA, not just the claim — and check which tier it requires.
Why does HIPAA matter for appointment booking?: Even the reason-for-visit field, an intake form or an SMS reminder that names a service can expose protected health information. Without a BAA, routing that through a booking tool can breach HIPAA, so verify compliance before collecting patient data.

Which online booking tools are HIPAA compliant?

The data behind this answer

Frequently asked

Related questions